or Connect
AVS › AVS Forum › Video Components › Home Theater Computers › HTPC - Linux Chat › Using Linux for malware protection.
New Posts  All Forums:Forum Nav:

Using Linux for malware protection.

post #1 of 3
Thread Starter 
I seem to be in an instigating mood this week, so I'll throw this one out for comments.

This is an excerpt from the Security Now podcast with Steve Gibson and Leo Laporte Episode #259 (Listener Feedback #97).

Leo is reading a viewer question and Steve is answering:



Leo: Yeah, yeah. Good. Lee Elliott in Columbia, Missouri has thought about the new Windows LNK shell vulnerability and virtual surfing: Steve and Leo, I've been listening for a few years. I'm caught up with listening to, if maybe not fully understanding, all of the episodes. Join the club, by the way, Lee. This Windows shell vulnerability has me a little freaked out. I'm looking at a bunch of "white page" icons right now on my Windows 7 machine. This seems a bit Draconian. I guess he applied the Microsoft workaround.

Steve: Fix, the temporary fix, yes.

Leo: Assuming that I'm not vulnerable to a sneaker net attack, would it adequately protect me to do all my surfing on a Linux virtual machine? Of course this would mean not opening documents, et cetera, outside of that virtual machine that might have an offending shortcut, and I don't have any network shares. Basically, I'm trying to avoid inadvertently surfing to a malicious web page. Or am I misunderstanding the threat, or the protection that surfing from a virtual Linux machine might provide? Hey, that's a great suggestion. Lee Elliott, Columbia, Missouri - SpinRite owner, Carbonite user, Audible listener. Right on.

Steve: Okay. Absolutely, doing your surfing in a Linux virtual machine is about the best thing I could imagine for protection, better even than surfing in a Windows virtual machine because a Windows virtual machine will be a virtual machine known to be vulnerable. You would be counting on the virtualization to protect you, which is probably a good bet. But, gee, if all you really want to do is surf, then Linux is going to boot faster. So just use a nice Linux running in a virtual machine, and it doesn't have the shortcut problem at all.So by essentially switching to Linux for your surfing, by virtue of running it in a virtual machine running on top of Windows, you have complete containment of surfing. So you have the security of just in general being on Linux, which is not being attacked to the same degree that Windows is, so there's a bonus there. And you have virtualization, so there's a bonus there. And you're in an OS that doesn't have the LNK shell shortcut problem. So that's just - that's a huge win. Absolutely. I would recommend that. If that's something that you want to do, you're completely safe from this particular problem - and probably lots of other ones that we don't know about yet.

Leo: In fact, if I were you, I would just throw out the Windows and run Linux.

Steve: Yeah, exactly.


post #2 of 3
Quote:
Originally Posted by Mac The Knife View Post

Leo: In fact, if I were you, I would just throw out the Windows and run Linux.

Steve: Yeah, exactly.


Hmmm. I can't quite put my finger on it. But, based on your nom de plume, I'm thinking there might be yet another alternative?
post #3 of 3
Thread Starter 
Actually, my screen name comes from the Mack The Knife character in the Threepenny Opera (I was trying to think of something with a 'theater' connection for AVSForum and that's all I could come up with since my dad used to go by that nickname). The "Mac" instead of Mack was just a typo, I wasn't thinking of Macintoshes when I did it and I haven't used a Mac since the "SE" days.

It'd be a neat pun if I was a Mac user, but since I'm not, it doesn't really work for me.
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: HTPC - Linux Chat
AVS › AVS Forum › Video Components › Home Theater Computers › HTPC - Linux Chat › Using Linux for malware protection.